- Feb 18, 2022
-
-
policykit-1 (0.105-25+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)
-
- Jan 15, 2019
-
-
Jeremy Bícha authored
-
Jeremy Bícha authored
Fix temporary auth hijacking via PID reuse and non-atomic fork CVE-2019-6133 Closes: #918985 Gbp-Dch: Full
-
Jeremy Bícha authored
- Patch from upstream modified by Ubuntu to test high UID fix Gbp-Dch: Full
-
Martin Pitt authored
-
Martin Pitt authored
Revert an overzealous change from the previous security fix that caused a critical to be logged when trying to set the uid property to -1 (the default value). Patch taken from https://gitlab.freedesktop.org/polkit/polkit/merge_requests/17
-
- Dec 07, 2018
-
-
Michael Biebl authored
urgency=high for the security fix
-
Michael Biebl authored
Fixes a vulnerability in PolicyKit that allows a user with a uid greater than INT_MAX to successfully execute arbitrary polkit actions. CVE-2018-19788 Closes: #915332
-
- Nov 27, 2018
-
-
Michael Biebl authored
-
Michael Biebl authored
This replaces a good deal of hand-written maintscript code.
-
Michael Biebl authored
This is no longer necessary with the D-Bus policy file being installed in /usr/share/dbus-1/system.d/. Closes: #902474
-
Michael Biebl authored
-
Michael Biebl authored
-
Michael Biebl authored
-
Michael Biebl authored
To better support stateless systems with an empty /etc, the old location in /etc/dbus-1/system.d/ should only be used for local admin changes. Package provided D-Bus policy files are supposed to be installed in /usr/share/dbus-1/system.d/. This is supported since dbus 1.9.18.
-
- Jul 11, 2018
-
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
Signed-off-by: Simon McVittie <smcv@debian.org>
-
Simon McVittie authored
Signed-off-by: Simon McVittie <smcv@debian.org>
-
- Apr 24, 2018
-
-
Simon McVittie authored
-
Simon McVittie authored
- d/p/0.111/Fix-a-memory-leak.patch: Fix a memory leak when PAM authentication fails - d/p/0.113/Remove-a-redundant-assignment.patch: Fix a potential compiler warning - d/p/master/Fix-multi-line-pam-text-info.patch: Split into d/p/0.106/agenthelper-pam-Fix-newline-trimming-code.patch, d/p/0.114/Fix-multi-line-pam-text-info.patch, d/p/0.114/Refactor-send_to_helper-usage.patch
-
Simon McVittie authored
-
Simon McVittie authored
-
- Apr 09, 2018
-
-
Michael Biebl authored
-
- Mar 28, 2018
-
-
Simon McVittie authored
Thanks: Adrian Bunk
-
- Mar 27, 2018
-
-
Simon McVittie authored
-
Simon McVittie authored
This hopefully makes it unnecessary to use --no-parallel, so remove that change again. Closes: #894205
-
Simon McVittie authored
This should be reverted when parallel builds work reliably. Thanks: Adrian Bunk Closes: #894205
-
- Mar 26, 2018
-
-
Martin Pitt authored
-
Martin Pitt authored
This covers the pkaction and pkcheck CLI tools.
-
Martin Pitt authored
-